Critical Kernel Vulnerabilities Lead to System Crash

Rohan Timalsina

March 21, 2023 - TuxCare expert team

Several critical vulnerabilities were detected in the Linux kernel that could allow an attacker to cause a denial of service (DoS), possibly execute arbitrary code, and leak sensitive information.

Additionally, important updates for PHP and Sudo have been released to avoid the risk of unauthorized access, compromise of sensitive information and files, and DoS attacks. All users are advised to update immediately to prevent any downtime or security breaches.

 

Linux Kernel Vulnerabilities

Several critical security issues have been found in the Linux kernel, including multiple use-after-free vulnerabilities and a stack-based buffer overflow vulnerability. An attacker can use these vulnerabilities to cause a denial of service (DoS), execute arbitrary code, and disclose sensitive information.

These issues have been fixed in the Linux kernel security update releases. All users are strongly advised to update their systems to avoid risk and protect their information.

 

PHP Vulnerabilities

The security issues discovered in PHP include a critical vulnerability (CVE-2023-0568) related to the incorrect handling of long path resolutions and a high-severity bug (CVE-2023-0662) related to the incorrect handling of numerous fields and file parts in HTTP form uploads.

These issues can enable a remote attacker to gain unauthorized access or change sensitive information, as well as overload PHP with excessive resource consumption to cause a denial of service (DoS).

These vulnerabilities have now been fixed in PHP. All users should update to the new version to protect their systems from attackers.

 

Sudo Vulnerabilities

Two critical vulnerabilities have been detected in the commonly used Sudo tool. These vulnerabilities include the improper handling of the per-command chroot feature (CVE-2023-27320) and an issue found in sudoedit (CVE-2023-22809).

These security issues can allow an attacker to escalate privileges and cause a denial of service (DoS). Furthermore, an attacker can modify arbitrary files with sudoedit access. Thus, new security updates have been released for Sudo to address these vulnerabilities.

With KernelCare Enterprise, you can live patch all Linux distributions. It deploys security patches with zero downtime or reboots, ensuring 100% uptime of your system. Learn more about KernelCare Enterprise here.

 

The sources for this article include a story from LinuxSecurity.
